Why HTTPS Alone Won’t Keep You Safe On Public WiFi

Long ago when the internet was young, the standard system for sending data was HTTP (HyperText Transfer Protocol). Then we realized that information sent using this protocol was unsecured, and could be stolen by anyone listening in.

The solution was HTTPS, and it was a pretty good one. By encrypting the data you exchange with the internet, it provides pretty good protection against data theft and other forms of cyber attack. That's why it has become the standard protocol for accessing secure websites.

The Problem With HTTPS

There are some problems with HTTPS, though.

The protocol works by making use of another set of security protocols: TLS (Transport Layer Security). TLS is based in public key cryptography, where a combination of a public key and a private key is necessary to decrypt messages. To initiate a connection using HTTPS, your device shares a public key with the site you want to communicate with. After this 'handshake' is complete, a unique private key for your connection is generated, and all of the information you send and receive is encrypted.

The first problem with HTTPS arises in relation to DNS requests. Everytime you type an address into your device, your computer requests the location of this site from a DNS server. This information is not encrypted, and so can be seen by a hacker who has managed to infiltrate your network. The second, related security risk is DNS Spoofing, where an attacker will poison a DNS server and redirect you to a spoof site.

The third problem with HTTPS is that TLS is vulnerable to direct attack. This has been achieved via either punycode redirects, for instance, through which a spoof site can be made to look entirely legitimate. Or an attacker can infiltrate a target machine directly, and downgrade the TLS protocol in use to an older, less secure one.

The best way to stay safe on public WiFi is to use a VPN. A quality VPN like PureVPN will provide you with cutting-edge encryption for ALL your data, including your DNS requests. This limits your exposure to both DNS leaks and DNS Spoofing attacks.

Whilst using a VPN, your public WiFi security is greatly increased, because all of your data is encrypted. Because you can also hide your true location, VPNs also allow you to avoid tracking, and to limit your exposure to targeted cyber attacks.

A high quality VPN like PureVPN will keep you safe from many of the most common types of cyber attack, whether you are using a public WiFi network or your home WiFi.

So take my advice: don't rely on HTTPS alone. Get a VPN, and take responsibility for your own cyber security.